Security audit
test-driven-development
Security checks across malware telemetry and agentic risk
Overview
This is an instruction-only TDD workflow skill with no bundled code, install hooks, persistence, credential access, or hidden behavior.
Install this if you want an agent to follow a strict TDD process in your repositories. Review code diffs before committing, expect local tests and coverage commands to run, and use the ralph emit step only when its configured destination is acceptable for build-status metadata.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
65/65 vendors flagged this skill as clean.
Static analysis
No suspicious patterns detected.
